101communication LLC CertCities.com -- The Ultimate Site for Certified IT Professionals
"
  Microsoft®
  Cisco®
  Security
  Oracle®
  A+/Network+"
  Linux/Unix
  More Certs
  e-Book Shop
  Practice Exams
  Salary Surveys
  Forums
  News
  Exam Reviews
  Tips
  Columns
  Features
  PopQuiz
  RSS Feeds
  Industry Releases
  Job Search
  Contributors
  About Us
  Search
 

Advanced Search
  Free Newsletter
  Sign-up for the #1 Weekly IT
Certification News
and Advice.
Subscribe to CertCities.com Free Weekly E-mail Newsletter
CertCities.com

CertCities.com
Let us know what you
think! E-mail us at:



-- advertisement --
Traveling to a
Tradeshow or Event?
Hotel Reservations
California Hotels
Colorado Hotels
Arizona Hotels
Florida Hotels
America Hotels
Cheap Hotels
Hotel Chains
USA Hotels
Last Minute Travel
Airline Tickets
Car Rentals

 
 
...Home ... Editorial ... Columns ..Column Story Tuesday: June 15, 2004


Click here to download the San Jose TechMentor PDF Brochure
Today's
Most Popular
Articles
1. 640-801: The New CCNA Exam
2. Security+: What a Disappointment!
3. CompTIA Announces Linux+ Update
4. Conquering Cisco’s Troubleshooting Exam (#642-831)
5. Federal Probe Targets ITT Tech
6. Finding Idle Users
7. 640-821: The CCNA in Two-Part Harmony
8. First Oracle 10g Beta Launching June 15
9. My 10 Favorite Tips for Increasing Windows 2000 Terminal Server Performance
10. MCDST Exam #70-272: Application Support Challenge

Certification Advisor   Greg Neilson
Greg Neilson
* REGISTERED USERS ONLY
Security+: What a Disappointment!
Greg takes CompTIA's Security+ exam and comes away wishing he'd spent the fee on expanding his CD collection.
by Greg Neilson  
4/6/2004 -- If you've read my earlier column on my plans for 2004, or my comments featured as part of CertCities' 10 Hottest Certifications for 2004, you would know that I am pretty bullish on CompTIA's Security+ certification. Actually, that should read was bullish. You see, I finally took the Security+ exam, and I must say I was very disappointed by it.

I'll say up front that I failed the exam by a couple of questions. But this is not about my score: I don't need Security+ title for my job or any future career plans. I took the exam because I was excited about the title; I thought it would be useful to broaden my security knowledge in areas that I don't deal with on a regular basis.

From my experience in taking more than 100 other certification exams, I expected Security+ to ask unambiguous questions with varying levels of difficulty that when combined -- and let's face it, there are 100 questions here today, so there's lots of scope for this variation -- would give a reliable indication of whether someone has acquired basic security skills in a broad range of areas. And I don't think that's an unreasonable expectation to have, especially considering this exam's $225 (U.S.) price tag. (Even worse, in Australia the cost in local currency was $415, which equates to $312!).

Unfortunately, this is NOT the exam we have today.

Much of Security+ consists of pretty easy questions about security, which probably accounts for the relatively high percentage needed to pass (83 percent). -- not unreasonable considering how many easy questions there are. However, there's two other types of questions on this exam: a handful covering content so obscure that only an expert can answer, and -- here's the kicker! -- others that are so poorly worded that you are unable to determine what you are being asked, let alone which is the correct response! In fact, before I took the test, I had seen comments posted in forums complaining about the quality of the Security+ exam questions, and I pretty much dismissed those posters as whiners. But now I know they were on to something. I wish I could put detailed examples of these questions here; but that, of course, would be giving away exam questions, which I can't do.

Now, I'm not a psychometrician, so I can't say that the Security+ exam doesn't confirm to this testing standard or that one. But considering the quality of the questions asked and the imbalance of the question difficulty levels, I can say that I simply don't believe that this exam does what it sets out to do: truly test one's knowledge of the subject at hand.

I have a number of other CompTIA certifications: Network+, Server+, Linux+ and IT Project+. Security+ simply doesn't conform to the same standard. Therefore, until CompTIA does some work to fix the problems with this exam, I can't recommend that anyone else take it, and I will no longer recommend the program to others. I did learn a great deal about security in my preparation, but as far as the exam itself goes, I would have been much better off spending the cash on expanding my CD collection.

I'd like to hear back from those of you out there that have taken this exam. What do you think? Let me know by posting your comments below.

Greg Neilson, MCSE+Internet, MCNE, PCLP, is a Contributing Editor for Microsoft Certified Professional Magazine and a manager at a large IT services firm in Australia. He's the author of Lotus Domino Administration in a Nutshell (O'Reilly and Associates, ISBN 1-56592-717-6). You can reach him at Attn: Greg.
 


There are 69 CertCities.com user Comments for “Security+: What a Disappointment!”
Page 6 of 7
4/19/04: Micky99 from Virginia says: Ok, so you failed the exam. Congrats you don't need another cert for future jobs or career plans. I wish I had that luxury. The tests that both MS and Comptia prescribe are a measure of a baseline of knowledge. That baseline is also looked upon when persons are hiring for a position. The fact bothers me that "You" failed. I have read your columns for as long as I have been in the "IT" field. Appreciated them too. But I must find fault with your "Failure" as well as the test not being about you. You of all people should have passed that test. I'm just a lowly MCPx2 with the A Plus and Netowrk Plus certs. Were they easy? No..I had to study for them. Did the exams and prep times increase my knowledge base-Yes they did. Did the certs add to my job marketability-Yes! Have I tried to keep up and broaden my horizens by applying for another cert?..Yes again. I agree sometimes that Comptia's wording is vague-And Microsoft's is not? I took the Security Plus beta exam and failed! It showed me the areas I needed to study and be aware of and knowledgable in. For the record, your review was a complete 180 out from what I have read in the past. It sounded more like a child crying for candy that he/she knows they can have, but can't reach it. I have disagreed with some questions on all of the exams I have taken. Bottom line is that I still need any and all certs I can "afford" to pay for-AFTER I have studied for an exam...an exam that while "You" didn't pass, I would consider taking and passing. It is a valid exam! It is hard exam! If a person passes it and has an MCP then so much the better. If I took the CISSP exam with 5 years experience (limited to help desk and contract Admin work) I would fail it...and with good reason. I dont have or never could afford the alphabet soup of certs so many people like you seem to have. As a "newbie" I still am going to take the exam and will also tell other people junior to me to take it and expand their base of knowledge. Even if I fail it again, I still will know more about security than the corporate weenies I run into every day.
4/21/04: Ken Andersen from Iowa says: Greg's quote- there's two other types of questions on this exam: a handful covering content so obscure that only an expert can answer, and -- here's the kicker! -- others that are so poorly worded that you are unable to determine what you are being asked, let alone which is the correct response! end quote My feelings exactly!
4/21/04: Drew says: Its hard to see any validity in this review when the reviewer says the exam is too easy but, oh yeah, he flunked it. Bizarre!
4/24/04: Steve Linthicum from Rocklin, CA says: Last year I took and passed both the CISSP and Security+ exams. Greg, you need to grow up and try again. I'd also suggest that you spend your energy on studying rather than complaining about an exam you failed. Kindest regards, Steve Linthicum Professor Sierra College
4/25/04: nsokolo from my failer to my Exam says: i have the i just failed my o level ae a xam co what don't with to wiht mysitk my
4/29/04: Anonymous says: Stick to A plus Comptia, its the best exam you have and also the most widely recognised.
5/2/04: Anonymous says: If you studied for the test you would of passed,I passed that test with a 864 first time out.....just my two cents
5/4/04: Tim from Hong Kong says: I also failed the exam by a small margin, but i made a couple of silly (and expensive) mistakes. I think it's a valid qualification though and at least its not as easy to braindump as MS tests as not as many people have done it.
5/8/04: Anonymous says: The main problem I see is that you need to use at least 4 different study guides because of how broad the topic of security is. I passed the exam (failed the first time and was fumed about the 'quality' of the questions then later accepted them for their 'quality') and found that no one (or two or three) prep guides are sufficient to pass the exam. You also need a significant amount of real world experience to pass. You can't just study for it and expect to pass. You will fail if you just brain dumped and have no real experience and real understanding of the concepts. This cert is very under-rated as an 'entry-level' cert. It's actually very advanced.
5/9/04: Anonymous says: This exam is not as entry-level as everyone says it is and the questions are worded extremely poorly. It's like the movie where the bomb defuser guy has to cut the red wire at 1000 ft under-water and all the wires look gray because the guy has a blue light shining on the wires. This test definately weeds out the people think they can pass the exam just by reading some prep guides.
First Page   Previous Page     Next Page   Last Page
Want to post a comment under this article? Please register. It's free, it's easy, and you'll only need to register once to access all of CertCities.com's exam reviews, tips articles, the ability to post under articles, and more. Click on the button below to start your registration,or read our FAQ if you'd like more information.
Already registered? Log in here:
User Name:
Password:
Remember me on this computer
" Forgot User Name/Password
top

Sponsored Links:
Secure Online Data Transfer: with SSL Introductory guide to SSL security
FREE MCSE Windows 2003 Training: Careeracademy.com Inc.
Windows File Serving?: FREE White Paper disucsses clustering solutions.
NEW report: Free Exchange Server 2003 product reviews by actual users
IT certification news delivered weekly: Subscribe Today!




Home | Microsoft® | Cisco® | Oracle® | A+/Network+" | Linux/Unix | MOS | Security | List of Certs
Advertise | Contact Us | Contributors | Features | Forums | News | Pop Quiz | Tips | Job Search | Industry Releases |RSS Feeds RSS Feeds from CertCities.com
Search | Site Map | ENTmag.com | MCPmag.com | TCPmag.com | TechMentor Conferences | 101communications | Privacy Policy
This Web site is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc., Microsoft Corp., Oracle Corp., The Computing Technology Industry Association, Linus Torvolds, or any other certification or technology vendor. Cisco® and Cisco Systems® are registered trademarks of Cisco Systems, Inc. Microsoft, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corp. Oracle® is a registered trademark of Oracle Corp. A+®, i-Net+T, Network+T, and Server+T are trademarks and registered trademarks of The Computing Technology Industry Association. (CompTIA). LinuxT is a registered trademark of Linus Torvalds. All other trademarks belong to their respective owners.
All content copyright 2000-04 101communications LLC, unless otherwise noted. All rights reserved.
Reprints allowed with written permission from the publisher. For more information, e-mail